[#23132] [Bug #1357] Fixing variables into specific CPU registers deemed overrated & may disturb compilers' optimizers — Ollivier Robert <redmine@...>
Bug #1357: Fixing variables into specific CPU registers deemed overrated & may disturb compilers' optimizers
5 messages
2009/04/06
[#23154] [Bug #1363] Wrong value for Hash of NaN — Heesob Park <redmine@...>
Bug #1363: Wrong value for Hash of NaN
10 messages
2009/04/08
[#23423] Re: [Bug #1363] Wrong value for Hash of NaN
— Nobuyoshi Nakada <nobu@...>
2009/05/11
Hi,
[#23425] Re: [Bug #1363] Wrong value for Hash of NaN
— Yukihiro Matsumoto <matz@...>
2009/05/11
Hi,
[#23427] Re: [Bug #1363] Wrong value for Hash of NaN
— Urabe Shyouhei <shyouhei@...>
2009/05/11
Yukihiro Matsumoto wrote:
[#23168] [Bug #1367] flatten(0) is not consistent with flatten(), flatten(1), etc. — Paul Lewis <redmine@...>
Bug #1367: flatten(0) is not consistent with flatten(), flatten(1), etc.
6 messages
2009/04/08
[#23211] [Bug #1367] flatten(0) is not consistent with flatten(), flatten(1), etc.
— Paul Lewis <redmine@...>
2009/04/15
Issue #1367 has been updated by Paul Lewis.
[#23174] [Feature #1371] FTPS Implicit — Daniel Parker <redmine@...>
Feature #1371: FTPS Implicit
6 messages
2009/04/09
[#23193] Regexp Encoding — James Gray <james@...>
I'm trying to document the Encoding Regexp objects receive for the =20
5 messages
2009/04/13
[#23194] [Feature #1377] Please provide constant File::NOATIME — Johan Walles <redmine@...>
Feature #1377: Please provide constant File::NOATIME
5 messages
2009/04/13
[#23231] What do you think about changing the return value of Kernel#require and Kernel#load to the source encoding of the required file? — =?ISO-8859-15?Q?Wolfgang_N=E1dasi-Donner?= <ed.odanow@...>
Dear Ruby developers and users!
8 messages
2009/04/17
[#23233] Re: What do you think about changing the return value of Kernel#require and Kernel#load to the source encoding of the required file?
— Michael Neumann <mneumann@...>
2009/04/17
Wolfgang N叩dasi-Donner wrote:
[#23244] Re: What do you think about changing the return value of Kernel#require and Kernel#load to the source encoding of the required file?
— Michael Neumann <mneumann@...>
2009/04/17
Wolfgang N叩dasi-Donner wrote:
[#23245] Re: What do you think about changing the return value of Kernel#require and Kernel#load to the source encoding of the required file?
— Wolfgang Nádasi-Donner <ed.odanow@...>
2009/04/17
Michael Neumann schrieb:
[#23252] [Bug #1392] Object#extend leaks memory on Ruby 1.9.1 — Muhammad Ali <redmine@...>
Bug #1392: Object#extend leaks memory on Ruby 1.9.1
4 messages
2009/04/18
[#23267] StringIO: RubySpec violation — Hongli Lai <[email protected]>
I ran RubySpec against the 1.8.6-p368 release. It seems that
5 messages
2009/04/20
[#23289] [Bug #1399] Segmentation fault is raised when you use a postgres gem — Marcel Keil <redmine@...>
Bug #1399: Segmentation fault is raised when you use a postgres gem
3 messages
2009/04/23
[#23297] Ruby Oniguruma question — Ralf Junker <ralfjunker@...>
I see that the Ruby source code contains modified and more recent version of the Oniguruma regular expression library.
5 messages
2009/04/23
[#23305] [Bug #1403] Process.daemon should do a double fork to avoid problems with controlling terminals — Gary Wright <redmine@...>
Bug #1403: Process.daemon should do a double fork to avoid problems with controlling terminals
7 messages
2009/04/24
[#23306] Re: [Bug #1403] Process.daemon should do a double fork to avoid problems with controlling terminals
— Nobuyoshi Nakada <nobu@...>
2009/04/24
Hi,
[#23307] Re: [Bug #1403] Process.daemon should do a double fork to avoid problems with controlling terminals
— Gary Wright <gwtmp01@...>
2009/04/25
[#23311] [Bug #1404] Net::HTTP::Post failing when a post field contains ":" — Ignacio Martín <redmine@...>
Bug #1404: Net::HTTP::Post failing when a post field contains ":"
5 messages
2009/04/25
[#23318] [Feature #1408] 0.1.to_r not equal to (1/10) — Heesob Park <redmine@...>
Feature #1408: 0.1.to_r not equal to (1/10)
19 messages
2009/04/26
[#23345] [Feature #1408] 0.1.to_r not equal to (1/10)
— Roger Pack <redmine@...>
2009/05/01
Issue #1408 has been updated by Roger Pack.
[#25662] [Feature #1408] 0.1.to_r not equal to (1/10)
— Marc-Andre Lafortune <redmine@...>
2009/09/20
Issue #1408 has been updated by Marc-Andre Lafortune.
[#29652] [Feature #1408] 0.1.to_r not equal to (1/10)
— tadayoshi funaba <redmine@...>
2010/04/20
Issue #1408 has been updated by tadayoshi funaba.
[#29663] Re: [Feature #1408] 0.1.to_r not equal to (1/10)
— Marc-Andre Lafortune <ruby-core-mailing-list@...>
2010/04/20
Hi,
[#29887] Re: [Feature #1408] 0.1.to_r not equal to (1/10)
— Marc-Andre Lafortune <ruby-core-mailing-list@...>
2010/04/29
Hi.
[#23321] [Bug #1412] 1.8.7-p160 extmk.rb fails when cross compiling — Luis Lavena <redmine@...>
Bug #1412: 1.8.7-p160 extmk.rb fails when cross compiling
5 messages
2009/04/26
[ruby-core:23256] File.expand_path tainting its return value
From:
Tom Epperly <tepperly@...>
Date:
2009-04-19 14:31:45 UTC
List:
ruby-core #23256
In the context of making a Ruby cgi script that generates a PDF using the Ruby library PDF::Writer, I ran into an odd problem where the script ran fine from the command line but failed when run in the WWW server. The longer story is in the forwarded message below. PDF::Writer uses this idiom to find .tfm files that are stored in the same tree as the Ruby library: METRICS_PATH = [ File.join(File.dirname(File.expand_path(__FILE__)), 'fonts') ] File.expand_path taints its return, and this causes METRICS_PATH to be nil and PDF::Writer to fail. I am not a Ruby guru, but it seems to me very unintuitive that Ruby taints this result when it doesn't seem to depend on the value of any environment variables. The description of the operator implies that it should only use environment variables if a ~ appears in the string. Thanks for a great language, Tom Epperly ---------- Forwarded message ---------- From: Tom Epperly <[email protected]> Date: Mon, Apr 6, 2009 at 12:15 PM Subject: Suggestions/issues for Ruby PDF::Writer To: [email protected] By the way, PDF::Writer is very cool. I am using it to make a program to generate azimuthal maps for amateur radio. I am trying to create a WWW front end for it, but I am have to set $SAFE to 0 apparently because of line 13 in pdf/writer/fontmetrics.rb. METRICS_PATH = [ File.join(File.dirname(File.expand_path(__FILE__)), 'fonts') ] The results of File.expand_path(__FILE__) is considered tainted. This ultimately causes the METRICS_PATH to be [ nil ]. This simple program demonstrates the problem: #!/usr/bin/env ruby require 'pdf/writer' $SAFE = 1 pdf = PDF::Writer.new(:paper => "LETTER") pdf.text("Hello world") pdf.save_as("foo.pdf") % ruby foo.rb /usr/lib/ruby/1.8/pdf/writer.rb:794:in `load_font': private method `sub' called for nil:NilClass (NoMethodError) from /usr/lib/ruby/1.8/pdf/writer.rb:1005:in `select_font' from /usr/lib/ruby/1.8/pdf/writer.rb:1067:in `font_height' from /usr/lib/ruby/1.8/pdf/writer.rb:2401:in `text' from foo.rb:5 This second example demonstrates where the tainting occurs. I am not sure why expand_path taints its result, but it apparently does. #!/usr/bin/env ruby file = __FILE__ print file + "\n" print "Is tainted? " + file.tainted?.to_s + "\n" path = File.expand_path(file) print path + "\n" print "Is tainted? " + path.tainted?.to_s + "\n" dirname = File.dirname(path) print dirname + "\n" print "Is tainted? " + dirname.tainted?.to_s + "\n" fdir = File.join(dirname, 'fonts') print fdir + "\n" print "Is tainted? " + fdir.tainted?.to_s + "\n" print File.exists?(File.join(fdir, "Times-Roman.afm")).to_s + "\n" % ruby -T1 foo2.rb foo2.rb Is tainted? false /tmp/foo2.rb Is tainted? true /tmp Is tainted? true /tmp/fonts Is tainted? true foo2.rb:15:in `exists?': Insecure operation - exists? (SecurityError) from foo2.rb:15 It would be nice if PDF::Writer could work with arbitrary values of $SAFE. It would also be nice if there was a way that I could set up a circular clipping path. Tom